{"id":21361,"date":"2023-02-28T09:01:24","date_gmt":"2023-02-28T17:01:24","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/02\/28\/news-15092\/"},"modified":"2023-02-28T09:01:24","modified_gmt":"2023-02-28T17:01:24","slug":"news-15092","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/02\/28\/news-15092\/","title":{"rendered":"Microsoft Security Experts discuss evolving threats in roundtable chat"},"content":{"rendered":"<p><strong>Credit to Author: Christine Barrett| Date: Tue, 28 Feb 2023 17:00:00 +0000<\/strong><\/p>\n<p>I don\u2019t know about you, but we\u2019re still catching our breath after 2022. <a href=\"https:\/\/www.microsoft.com\/security\/\">Microsoft Security<\/a> blocked more than 70 billion email and identity threats last year.<sup>1<\/sup> In the same 12-month span, ransomware attacks impacted more than 200 large organizations in the United States alone, spanning government, education, and healthcare.<sup>2<\/sup> With statistics like those, providing a platform to share security insights and first-hand experience feels like a necessity.<\/p>\n<p>With that goal in mind, Microsoft has launched a new kind of security webinar \u201cfor experts, by experts.\u201d The new <a href=\"https:\/\/learning.eventbuilder.com\/event\/68662?source=SecurityExpertsRoundTable\" target=\"_blank\" rel=\"noreferrer noopener\">Security Experts Roundtable<\/a> series will serve as an accessible video platform for cyber defenders to learn about some of the latest threats while gaining a big-picture view of the cybersecurity landscape. Our inaugural episode aired on January 25, 2023, with an expert panel consisting of:<\/p>\n<ul>\n<li><strong>Ping Look<\/strong>, Director, Training and Communications, Microsoft Detection and Response Team (DART)<\/li>\n<li><strong>Ryan Kivett<\/strong>, Partner Director, Microsoft Defender Experts<\/li>\n<li><strong>Jeremy Dallman<\/strong>, Principal Research Director, Customer Ready Intelligence<\/li>\n<li><strong>Rani Lofstrom<\/strong>, Director, Security Incubations<\/li>\n<\/ul>\n<p>This episode also features a special appearance by <strong>Rachel Chernaskey<\/strong>, Director of the Microsoft Digital Threat Analysis Center, who discusses cyber-enabled influence operations. I host a special remote interview with <strong>Mark Simos<\/strong>, Lead Cybersecurity Architect at Microsoft, on how to effectively communicate with your board of directors about cybersecurity. We also talk to <strong>Peter Anaman<\/strong>, Director and Principal Investigator at the Microsoft Digital Crimes Unit about tracking global cybercrime, and we have a special guest interview with <strong>Myrna Soto<\/strong>, Chief Executive Officer (CEO) and Founder of Apogee Executive Advisors, on the state of cybersecurity in the manufacturing sector.<\/p>\n<h2>Evolving threats\u2014Expert insights<\/h2>\n<p>Back in December 2020, Microsoft investigated a new nation-state attacker now known as Nobelium that became a global cybersecurity threat.<sup>3<\/sup> The following year, the hacker gang Lapsus moved into the spotlight with large-scale social engineering and extortion campaigns directed against multiple organizations.<sup>4<\/sup> Those threat groups are still active, but 2022 saw a slowing in their attacks. \u201cWe didn\u2019t have too many high-profile mass-casualty events,\u201d Ping points out. \u201cBut we did see a continuation of ransomware, identity compromises, and attacks centered on endpoints.\u201d<\/p>\n<p>The ransomware as a service (RaaS) ecosystem has continued to grow.<sup>5<\/sup> Jeremy singles out DEV-0401, also known as Bronze Starlight or Emperor Dragon, as a China-based threat actor that\u2019s \u201cshifted their payloads to LockBit 2.0, developing their technology and emerging some of their tradecraft in order to evade detection and target our customers more prolifically.\u201d<sup>6<\/sup> Jeremy also calls out DEV-0846 as a provider of custom ransomware,<sup>7<\/sup> as well as Russia\u2019s Iridium as a source of ongoing attacks against transportation and logistics industries in Ukraine and Poland.<sup>8<\/sup> He also cites Russia-based actor DEV-0586 as using ransomware as a ruse to target customers, then following up with destructive data \u201cwiper\u201d attacks.<sup>9<\/sup><\/p>\n<p>In his position as Director of Microsoft Defender Experts, Ryan brings a unique perspective on the changing threat landscape.<sup>10<\/sup> \u201cIt\u2019s been a proliferation of credential theft activity, largely stemming from adversary-in-the-middle attacks.\u201d He points out that this kind of attack \u201cunderscores the importance of having a strategy for <a href=\"https:\/\/www.microsoft.com\/security\/business\/services\/microsoft-defender-experts-hunting\">detection and hunting<\/a> that\u2019s beyond the endpoint; for example, in the email and identity space.\u201d<\/p>\n<p>\u201cIdentity compromises have been on the rise,\u201d Ping concurs. \u201cAttackers are just taking advantage of any vectors of entry that any customer has in their environment. So, it\u2019s really important customers exercise good basic security hygiene.\u201d She stresses that defenders should think of their environment as one organic whole, instead of separate parts. \u201cIf you have anything that touches the external world\u2014domain controllers, email\u2014those are all potential vectors of entry by attackers.\u201d In short, protecting against the constantly evolving threats of today (and tomorrow) requires embracing a <a href=\"https:\/\/www.microsoft.com\/security\/business\/zero-trust\">Zero Trust<\/a> comprehensive approach to security.<sup>11<\/sup><\/p>\n<h2>Understanding cyber-influence operations<\/h2>\n<p>Cyber-enabled influence operations don\u2019t grab headlines the way ransomware attacks do, but their effects are more pernicious. In this kind of cybercrime, a nation-state or non-state actor seeks to shift public opinion or change behavior through subversive means online. In Jeremy\u2019s talk with Rachel, she breaks down how these types of attacks unfold in three phases:<\/p>\n<ol type=\"1\">\n<li><strong>Pre-positioning:<\/strong> Reconnaissance on a target audience, registering web domains to spread propaganda, or setting up inauthentic social media accounts.<\/li>\n<li><strong>Launch:<\/strong> Laundering propaganda narratives through fake organizations or media outlets, coordinated overt media coverage, stoking real-world provocations, or the publishing of leaked or sensitive material.<\/li>\n<li><strong>Amplification:<\/strong> Messengers unaffiliated with the actor repeat or repost the content.<\/li>\n<\/ol>\n<p><iframe loading=\"lazy\" title=\"Video Player\" src=\"https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RWWEqt\" class=\"c-video\" frameborder=\"0\" width=\"100%\" height=\"420\" allowfullscreen=\"true\" style=\"\"><\/iframe><\/p>\n<p>The most prolific influence actors are labeled advanced persistent manipulators (APMs). Rachel uses the analogy that \u201cAPMs are to the information space what APTs (advanced persistent threats) are to cyberspace.\u201d APMs are usually nation-state actors, though not always. Increasingly, the Microsoft Digital Threat Analysis Center (DTAC) sees non-state or private-sector actors employing the same influence techniques. In this way, a threat actor that wages a successful cyberattack might repurpose that capability for subsequent influence operations.<\/p>\n<p>Rachel explains how DTAC uses the \u201cfour M model:\u201d message, messenger, medium, and method. The message is just the rhetoric or the content that an actor seeks to spread, which typically aligns with the nation-state\u2019s geopolitical goals. The messengers include the influencers, correspondence, and propaganda outlets that amplify the message in the digital environment. The mediums are the platforms and technologies used to spread the message, with video typically being the most effective. And finally, the methods consist of anything from a hack-and-leak operation to using bots or computational propaganda, or real-world elements like party-to-party political engagement.<\/p>\n<p>So why should private organizations be concerned with cyber-influence operations? \u201cInfluence operations inherently seek to sow distrust, and that creates challenges between businesses and users,\u201d Rachel explains. \u201cIncreasingly, our team is looking at the nexus between cyberattacks and subsequent influence operations to understand the full picture and better combat these digital threats.\u201d<\/p>\n<h2>Microsoft DCU\u2014Tracking cybercrime across the globe<\/h2>\n<p>The Microsoft Digital Crimes Unit (DCU) consists of a global cross-disciplinarian team of lawyers, investigators, data scientists, engineers, analysts, and business professionals.<sup>12<\/sup> The DCU is committed to fighting cybercrime globally through the application of technology, forensics, civil actions, criminal referrals, public and private partnerships, and the determined assistance of 8,500 Microsoft security researchers and security engineers. The DCU focuses on five key areas: Business Email Compromise (BEC), Ransomware, Malware, Tech Support Fraud, and Malicious Use of Microsoft Azure. According to Peter Anaman, Director and Principal Investigator at DCU, their investigations reveal that cybercriminals are moving away from a \u201cspray-and-pray\u201d approach toward the as a service model. Along with ransomware, cybercriminals are extending their retail services into new areas such as phishing as a service (PhaaS) and distributed denial of service (DDoS).<\/p>\n<p>Threat actors have even created specialized tools to facilitate BEC, including phishing kits and lists of verified email addresses targeting specific roles, such as C-suite leaders or accounts-payable employees. As part of the service, the seller will design the email template and even scrub the responses to make sure they\u2019re valid. \u201cAll for a subscription model of, like, USD200 dollars a month,\u201d Peter explains. DCU investigative evidence has observed a more than 70 percent increase in these services.<sup>1<\/sup> \u201cWe\u2019re finding that there\u2019s a higher number of people who are committing these crimes. They have greater know-how on different technologies and online platforms that could be used as part of the [attack] vector.\u201d<\/p>\n<p>Regardless of the type of cybercrime, DCU goes after threat actors by executing on three main strategies:<\/p>\n<ul>\n<li><strong>Investigate:<\/strong> Track online criminal networks and make criminal referrals to law enforcement, along with civil actions to disrupt key aspects of technical infrastructure used by cybercriminals.<\/li>\n<li><strong>Share evidence:<\/strong> Assist with victim remediation and allow for the development of technical countermeasures that strengthen the security of Microsoft products and services.<\/li>\n<li><strong>Use our voice and expertise:<\/strong> Build on our partnerships to inform education campaigns and influence legislation and global cooperation to advance the fight against cybercrime.<\/li>\n<\/ul>\n<p>In addition to arrest and prosecution, DCU deters cybercrime by disrupting the technical infrastructure used by criminals, causing them to lose their investments. In 2022, DCU helped to take down more than 500,000 unique phishing URLs hosted outside Microsoft while disrupting cybercriminals\u2019 technical infrastructure, such as virtual machines, email, homoglyph domain names, and public blockchain websites.<\/p>\n<p>DCU also works with Microsoft DART to gather intelligence and share it with other security professionals. Some of those indicators\u2014a URL, domain name, or phishing email\u2014may help with future investigations. \u201cThat intelligence [we gather] feeds back into our machine learning models,\u201d Peter explains. \u201cIf that phishing page or kit is used again there will be better measures to block it at the gate, so our monitoring systems become stronger over time.\u201d<\/p>\n<p>When asked what an organization can do to protect itself, Peter suggests sticking to three cybersecurity basics. First: \u201cUse <a href=\"https:\/\/www.microsoft.com\/security\/business\/identity-access\/azure-active-directory-mfa-multi-factor-authentication\">multifactor authentication<\/a>,\u201d he stresses. \u201cNinety percent of [attacks] could have been stopped just by having multifactor authentication.\u201d Second: \u201cPractice [cyber] hygiene. Don\u2019t just click links because you think it comes from a friend.\u201d Cyber hygiene includes installing all software patches and system upgrades as soon as they become available. And third: \u201cYou\u2019re really looking at the Zero Trust model,\u201d Peter says. \u201cEnforce least privilege [access]\u201d so people only have access to the information they need. Bonus tip: \u201cMake sure you have the same level of security on your personal email as you do on your work [email].\u201d<\/p>\n<h2>Winning in the room\u2014Communicating to the board<\/h2>\n<p>In this segment, I have a chance to speak with one of my favorite folks at Microsoft. Mark Simos is Lead Cybersecurity Architect, Microsoft, (and PowerPoint super genius) with more than two decades of experience, so he knows something about dealing with a board of directors. Whether you work for a public or private company, the board is responsible for oversight. That means making sure that the leadership team is not only managing the business but also managing risks. And cybercrime is one of the biggest risks today\u2019s organization contends with.<\/p>\n<p><iframe loading=\"lazy\" title=\"Video Player\" src=\"https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RWWJ3q\" class=\"c-video\" frameborder=\"0\" width=\"100%\" height=\"420\" allowfullscreen=\"true\" style=\"\"><\/iframe><\/p>\n<p>But for the board to understand the organization\u2019s security positioning, they need to grasp how it relates to the business. Unlike dealing with finances, legal issues, or people management, cybersecurity is a new area for a lot of board members. According to Mark, a big part of winning them over is \u201cmaking sure that the board members understand that cybersecurity is not just a technical problem to be solved, check, and move on. It\u2019s an ongoing risk.\u201d<\/p>\n<p>In our talk, Mark lays out three basic things the board needs to know:<\/p>\n<ul>\n<li><strong>Problem or requirement<\/strong>: Frame this in terminology relating to the business.<\/li>\n<li><strong>Status<\/strong>: How well are you managing risk to your targeted tolerances?<\/li>\n<li><strong>Solution<\/strong>: What is your plan to get there, and how is it progressing?<\/li>\n<\/ul>\n<p>Bonus tips:<\/p>\n<ul>\n<li><strong>Learn about your board. <\/strong>Read their bios and study their backgrounds and professions. These are highly capable and intelligent humans who have mastered demanding disciplines like finance, supply chain management, manufacturing, and more. They are capable of understanding cybersecurity when it\u2019s presented clearly.<\/li>\n<li><strong>Learn their language.<\/strong> This goes back to framing the cybersecurity problem in concepts they\u2019ll understand, helping you land your points accurately.<\/li>\n<li><strong>Find a board buddy<\/strong>. Establish a relationship with someone on the board who has an interest in learning cybersecurity. A mutual mentorship can help you learn about the other person\u2019s area of expertise, which can help you make your case in clear terms.<\/li>\n<\/ul>\n<p>Mark provides a wealth of free resources you can access anytime on Mark\u2019s List.<sup>13<\/sup> Also, there\u2019s a chief information security officer <a href=\"https:\/\/learn.microsoft.com\/security\/ciso-workshop\/the-ciso-workshop\" target=\"_blank\" rel=\"noreferrer noopener\">(CISO) workshop<\/a> available as public videos and as a live workshop from <a href=\"https:\/\/www.microsoft.com\/unifiedsupport\/overview\">Microsoft Unified<\/a> (formerly Premier Support). The workshop provides plenty of material to help accelerate a productive relationship with your board, including:<\/p>\n<ul>\n<li>Sample questions the board should be asking of the security team (and you should be proactively answering).<\/li>\n<li>Roleplay video on how CISOs can engage with hostile business leaders.<\/li>\n<li>Kaplan-style scorecards based on the familiar approach used in many organizations.<\/li>\n<\/ul>\n<p>Often board members don&#8217;t consider that security decisions can be made by asset owners, not just security teams. Mark suggests stressing the holistic aspect of cybersecurity as a differentiator from typical business unit concerns. \u201cWith security, it doesn\u2019t matter where the leak is on the boat; it\u2019s still going to sink,\u201d he says. \u201cSo, it\u2019s really important for folks to work together as a team and recognize that \u2018I\u2019m not just accepting the risk for me; I\u2019m accepting it for everyone.\u2019\u201d<\/p>\n<h2>Security on the edge\u2014Manufacturing and IoT<\/h2>\n<p>For the last segment of the webinar, we invited an expert to weigh in on one of the most-attacked industry segments across the globe\u2014manufacturing. Myrna Soto is the CEO and founder of Apogee Executive Advisors, and a board member of prominent companies such as Headspace Health, CMS Energy, Banco Popular, Spirit Airlines, and many more. Cybersecurity in the manufacturing sector carries added urgency because many of these entities are part of the nation\u2019s critical infrastructure\u2014whether it\u2019s manufacturing pharmaceuticals, supporting transportation, or feeding the power grid.<\/p>\n<p><iframe loading=\"lazy\" title=\"Video Player\" src=\"https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RWWP5Q\" class=\"c-video\" frameborder=\"0\" width=\"100%\" height=\"420\" allowfullscreen=\"true\" style=\"\"><\/iframe><\/p>\n<p>The smart factory has introduced more automation into the manufacturing ecosystem, creating new vulnerabilities. \u201cOne of the biggest challenges is the number of third-party connections,\u201d Myrna explains. \u201cIt relates to how entities are interacting with one another; how certain companies have either air-gapped their Internet of Things (IoT) networks or not.\u201d Myrna points out that the supply chain is never holistically managed by one entity, which means those third-party interactions are critical. She mentions the ability to encrypt certain data in machine-to-machine communications as a crucial part of securing an interconnected manufacturing ecosystem. \u201cThe ability to understand where assets are across the ecosystem is one of the key components that need attention,\u201d she points out.<\/p>\n<p>With the prospect of intellectual property loss, disruption to critical infrastructure, along with health and safety risks, Myra sees manufacturing as one area where security teams and board members need to work together with urgency. I asked her to offer some insights gleaned from time spent on the other side of the table\u2014particularly what not to do. \u201cProbably the most annoying thing is the tendency to provide us a deluge of data without the appropriate business context,\u201d she relates. \u201cI\u2019ve seen my share of charts around malware detections, charts on network penetrations. That is difficult for most non-technical board members to understand.\u201d<\/p>\n<h2>Security is a team sport\u2014Join us<\/h2>\n<p>Be sure to watch the full <a href=\"https:\/\/learning.eventbuilder.com\/event\/68662?source=SecurityExpertsRoundTable\" target=\"_blank\" rel=\"noreferrer noopener\">Security Experts Roundtable<\/a> episode. We\u2019ll be doing one of these every other month until they kick us off the stage, so remember to sign up for our May episode. Before we wrap up for today, I\u2019d like to invite you to join us on <strong>March 28, 2023, <\/strong>for a brand-new event: <strong>Microsoft Secure<\/strong>. This event will bring together a community of defenders, innovators, and security experts in a setting where we can share insights, ideas, and real-world skills to help create a safer world for all. <a href=\"https:\/\/secure.microsoft.com\/en-US\/home?wt.mc_ID=MSSecure2023_esc_corp_bl_oo_Feb28_MSSCIRoundtable\" target=\"_blank\" rel=\"noreferrer noopener\">Register today<\/a>, and I\u2019ll see you there!<\/p>\n<p>For more cybersecurity insights and the latest on threat intelligence, visit <a href=\"https:\/\/www.microsoft.com\/security\/business\/security-insider\/\">Microsoft Security Insider<\/a>.<\/p>\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Security<\/a>) and Twitter (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>)&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<div style=\"height:67px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n<p><sup>1<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-digital-defense-report-2022\">Microsoft Digital Defense Report 2022<\/a>, Microsoft. 2022.<\/p>\n<p><sup>2<\/sup><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ransomware-impacts-over-200-govt-edu-healthcare-orgs-in-2022\/\" target=\"_blank\" rel=\"noreferrer noopener\">Ransomware impacts over 200 govt, edu, healthcare orgs in 2022<\/a>, Ionut Ilascu. January 2, 2023.<\/p>\n<p><sup>3<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/11\/10\/the-hunt-for-nobelium-the-most-sophisticated-nation-state-attack-in-history\/\">The hunt for NOBELIUM, the most sophisticated nation-state attack in history<\/a>, John Lambert. November 10, 2021. <\/p>\n<p><sup>4<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/03\/22\/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction\/\">DEV-0537 criminal actor targeting organizations for data exfiltration and destruction<\/a>, Microsoft Threat Intelligence Center. March 22, 2022.<\/p>\n<p><sup>5<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/05\/09\/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself\/\">Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself<\/a>, Microsoft Defender Threat Intelligence. May 9, 2022.<\/p>\n<p><sup>6<\/sup><a href=\"https:\/\/techcommunity.microsoft.com\/t5\/microsoft-security-experts-blog\/part-1-lockbit-2-0-ransomware-bugs-and-database-recovery\/ba-p\/3254354\" target=\"_blank\" rel=\"noreferrer noopener\">Part 1: LockBit 2.0 ransomware bugs and database recovery attempts<\/a>, Danielle Veluz. March 11, 2022.<\/p>\n<p><sup>7<\/sup><a href=\"https:\/\/techcommunity.microsoft.com\/t5\/microsoft-365-defender-blog\/monthly-news-january-2023\/ba-p\/3712287\" target=\"_blank\" rel=\"noreferrer noopener\">Monthly news\u2014January 2023<\/a>, Heike Ritter. January 11, 2023.<\/p>\n<p><sup>8<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/10\/14\/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland\/\">New \u201cPrestige\u201d ransomware impacts organizations in Ukraine and Poland<\/a>, Microsoft Security Threat Intelligence. October 14, 2022.<\/p>\n<p><sup>9<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/01\/15\/destructive-malware-targeting-ukrainian-organizations\/\">Destructive malware targeting Ukrainian organizations<\/a>, Microsoft Threat Intelligence Center. January 15, 2022.<\/p>\n<p><sup>10<\/sup><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/08\/03\/microsoft-defender-experts-for-hunting-proactively-hunts-threats\/\">Microsoft Defender Experts for Hunting proactively hunts threats<\/a>, Microsoft Security Experts. August 3, 2022.<\/p>\n<p><sup>11<\/sup><a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/implementing-a-zero-trust-security-model-at-microsoft\/\">Implementing a Zero Trust security model at Microsoft<\/a>, Inside Track staff. January 10, 2023.<\/p>\n<p><sup>12<\/sup><a href=\"https:\/\/news.microsoft.com\/on-the-issues\/2022\/05\/03\/how-microsofts-digital-crimes-unit-fights-cybercrime\/\" target=\"_blank\" rel=\"noreferrer noopener\">Digital Crimes Unit: Leading the fight against cybercrime<\/a>, Microsoft. May 3, 2022.<\/p>\n<p><sup>13<\/sup><a href=\"https:\/\/aka.ms\/markslist\" target=\"_blank\" rel=\"noreferrer noopener\">Mark\u2019s List<\/a>, Mark Simos.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/28\/microsoft-security-experts-discuss-evolving-threats-in-roundtable-chat\/\">Microsoft Security Experts discuss evolving threats in roundtable chat<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/28\/microsoft-security-experts-discuss-evolving-threats-in-roundtable-chat\/\" target=\"bwo\" >https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Christine Barrett| Date: Tue, 28 Feb 2023 17:00:00 +0000<\/strong><\/p>\n<p>Get an in-depth recap of the latest Microsoft Security Experts Roundtable, featuring discussions on trends in global cybercrime, cyber-influence operations, cybersecurity for manufacturing and Internet of Things, and more.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/28\/microsoft-security-experts-discuss-evolving-threats-in-roundtable-chat\/\">Microsoft Security Experts discuss evolving threats in roundtable chat<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[4500,27209,24729],"class_list":["post-21361","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security","tag-cybersecurity","tag-microsoft-security-experts","tag-voice-of-the-community"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=21361"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21361\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=21361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=21361"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=21361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}